EmCare said it became aware of the data security incident “recently,” leading to an internal investigation. It has engaged a forensic security firm to determine the scope of the breach, according to a notice the company posted online Saturday. EmCare determined on Feb. 19 that the email accounts in question contained patient data, including some names, dates of birth, clinical information and Social Security numbers.

An EmCare spokesperson said the company is not releasing information regarding when it learned of the breach.